sysutils/uutils-coreutils: import package
uutils coreutils is a cross-platform reimplementation of the GNU coreutils in
Rust. While all programs have been implemented, some options might be missing
or different behavior might be experienced.
This project aims to be a drop-in replacement for the GNU utils. Differences
with GNU are treated as bugs.
uutils aims to work on as many platforms as possible, to be able to use the
same utils on Linux, Mac, Windows and other platforms. This ensures, for
example, that scripts can be easily transferred between platforms.
openssl: update to 3.6.2.
OpenSSL 3.6.2 is a security patch release. The most severe CVE fixed in this
release is Medium.
This release incorporates the following bug fixes and mitigations:
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation.
([CVE-2026-31790])
* Fixed loss of key agreement group tuple structure when the `DEFAULT` keyword
is used in the server-side configuration of the key-agreement group list.
([CVE-2026-2673])
* Fixed out-of-bounds read in AES-CFB-128 on x86-64 CPUs with AVX-512 support.
([CVE-2026-28386])
* Fixed potential use-after-free in DANE client code.
([CVE-2026-28387])
[13 lines not shown]
editors/kibi: update to 0.3.3
0.3.3 - 2026-01-01
Added
Ctrl + / to comment / uncomment lines (#416)
Strong stack protection in release binaries (#535)
Removed
Build scripts are excluded from published crates (#538)
0.3.2 - 2025-11-23
Added
Support for NO_COLOR standard: all color output will be disabled if the NO_COLOR environment variable is set (#499)
Ctrl + R can now remove the very last line (#498)
Changed
[9 lines not shown]
x11/alacritty: update to 0.17.0
Packaging
- Fixed invalid logo SVG attributes
- New alacritty-escapes(7) manpage
- Removed broken flash capability from terminfo
Added
- Ability to bind WheelUp and WheelDown in mouse.bindings
- Support TOML 1.1 syntax
- window.resize_increments support on Wayland
Changed
- Don't highlight hints on hover when the mouse cursor is hidden
- IME is disabled in Vi mode on X11
- Require explicit tap to enable IME with touch input
[9 lines not shown]
boost-libs: add provisions to conditionally build w/ cobalt
... but then force it off unconditionally. Presumably nothing in
pkgsrc currently needs it. The library requires C++20 and we are
not ready to bump boost's USE_CXX_FEATURES from C++14 yet.
(Without this we get PLIST errors with GCC 16.)
multimedia/dav1d: Update to 1.5.3
Changelog:
Changes for 1.5.3 'Sonic':
--------------------------
1.5.3 is a minor release of dav1d, focused on RISC-V and maintenance:
- Misc small optimizations
- RISC-V assembly optimizations for ipred, emu_edge and w_mask,
and VLEN 512 for blend functions
- Fix issue with ivf files with 0 frames in tools
Changes for 1.5.2 'Sonic':
--------------------------
1.5.2 is a minor release of dav1d, focused on maintenance:
- minor speed improvement in recon
- improvements on loongarch symboles visibility and asm
[4 lines not shown]
mit-krb5: update to 1.22.2
Major changes in 1.22.2 (2026-01-29)
------------------------------------
* Fix a SPNEGO packet parsing bug which could cause GSS mechanism
negotiation failure.
Major changes in 1.22.1 (2025-08-20)
------------------------------------
* Fix a vulnerability in GSS MIC verification [CVE-2025-57736].
Major changes in 1.22 (2025-08-05)
----------------------------------
User experience:
* The libdefaults configuration variable "request_timeout" can be set
to limit the total timeout for KDC requests. When making a KDC
request, the client will now wait indefinitely (or until the request
timeout has elapsed) on a KDC which accepts a TCP connection,
without contacting any additional KDCs. Clients will make fewer DNS
[27 lines not shown]
m4: update to 1.4.21.
* Noteworthy changes in release 1.4.21 (2026-02-06) [stable]
** Fix the `eval' builtin to reject input like `0x' that C does not
accept as an integer literal, rather than silently treating it as zero
(present since "the beginning").
** Fix the `define' and `pushdef' builtins to always warn when attempting
to concatenate the result of using the `defn' macro on a builtin macro
with anything else. This is a counterpart to the change in m4 1.4.11
that issues a warning when `defn' with multiple arguments attempts to
perform concatenation. Attempting to use the output of `defn' anywhere
other than a lone argument during macro definition has never been
portable, but now the outcome is always the remaining text, rather
than being dependent on whether `defn' was used before or after the
other text (present since "the beginning").
** Port to glibc 2.43, which implements functions like strchr as macros
[38 lines not shown]
